Is TPX impacted by Java-based vulnerabilities?
Article ID: 73101
Updated On:
Products
TPX - Session Management
Vman Session Management for z/OS
Issue/Introduction
Is TPX impacted by Java-based vulnerabilities?
For example:
Pivotal Spring Data REST and Spring Boot Vulnerability (CVE-2017-8046)
Pivotal Spring Framework Vulnerability (CVE-2018-1270)
Environment
CA TPX for z/OS
Resolution
CA TPX is assembler based and does not contain any 3rd party software. Thus, this does not affect TPX directly.
However, we cannot speak for TCP/IP, TN3270 Server and Client products customer may have. Spring Framework is common 3rd party software used by Java based products.
You should verify this with the vendors of your TN3270 clients that are used to access CA TPX.
However, we cannot speak for TCP/IP, TN3270 Server and Client products customer may have. Spring Framework is common 3rd party software used by Java based products.
You should verify this with the vendors of your TN3270 clients that are used to access CA TPX.
Additional Information
If you to find out about a vulnerability, you can find details on the Current Vulnerabilities and Exposures (CVE) website:
https://www.cvedetails.com/vulnerability-search.php
https://www.cvedetails.com/vulnerability-search.php
Feedback
Yes
No
Powered by
